Management Requests
VUMC leadership regularly requests Internal Audit to provide special and focused reviews of operational, financial, information technology, or compliance reviews. We build hours into our annual budget to provide such value-add services.
Policies and Procedures Review
Developing and documenting policies and procedures is the responsibility of VUMC management; thus, management should document business processes, personnel responsibilities, departmental operations, and promote uniformity in executing and recording transitions. The Internal Audit department completes independent reviews of new or revised policies and procedures to provide proactive assistance to leadership.
Investigations
Internal Audit often provides investigative services for leadership and the Office of Legal Affairs that are focused on specific areas of concern.
Information Systems Reviews
Advise on the effectiveness, efficiency, confidentiality, integrity, availability, compliance and reliability of data, programs, and controls for Information Technology and Systems.
Systems Implementations
Office of Internal Audit colleagues participate on Systems Implementations Committees. The roles that Internal Audit can provide include, but are not limited to: evaluating project governance and deliverables, providing independent assurance regarding objectives and milestones to leadership, and collaborating on operational, financial, information technology and compliance risks associated with the systems implementations.
Enterprise Risk Management (ERM) Program Assistance
The Office of Internal Audit supports the VUMC Risk Management team responsible for administering the organization's Enterprise Risk Management (ERM) program and leverages the resulting reports and gap assessments in our annual planning process.
VUMC Compliance and Corporate Integrity Committee
The Vice President of Internal Audit regularly attends the meetings of this committee, which monitors and governs VUMC's compliance with laws, regulations, and policies.
HealthIT and VUMC IT Committees
Internal Audit team members often attend IT leadership meetings to keep informed of initiatives and related risks to support IT leadership and to guide Internal Audit's efforts.
Clinical Leadership Committees
The Vice President of Internal Audit attends leadership meetings such as the CEEG and CEG to support leadership and keep informed of initiatives and related risks to guide our efforts.